Known Vulnerabilities for products from Unzip Project
Listed below are 15 of the newest known vulnerabilities associated with the vendor "Unzip Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-0530 json | A flaw was found in unzip 6.0. The vulnerability occurs during the conversion of an utf-8 string to a local string that leads... | 5.5 - MEDIUM | 2022-02-09 | 2023-11-09 |
| CVE-2022-0529 json | A flaw was found in unzip 6.0. The vulnerability occurs during the conversion of wide string to local string that leads to a ... | 5.5 - MEDIUM | 2022-02-09 | 2023-11-09 |
| CVE-2021-4217 json | A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null poi... | 3.3 - LOW | 2022-08-24 | 2022-11-29 |
| CVE-2020-36561 json | Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) out... | 9.1 - CRITICAL | 2022-12-27 | 2023-06-08 |
| CVE-2019-13232 json | Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consump... | 3.3 - LOW | 2019-07-04 | 2023-11-07 |
| CVE-2018-1000035 json | A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that a... | 7.8 - HIGH | 2018-02-09 | 2020-08-24 |
| CVE-2018-18384 json | Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size... | 5.5 - MEDIUM | 2018-10-16 | 2019-12-16 |
| CVE-2016-9844 json | Buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of serv... | 4 - MEDIUM | 2017-01-18 | 2019-12-16 |
| CVE-2015-7697 json | Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive... | 4.3 - MEDIUM | 2015-11-06 | 2019-12-16 |
| CVE-2015-7696 json | Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) o... | 6.8 - MEDIUM | 2015-11-06 | 2019-12-16 |
| CVE-2014-9913 json | Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of servi... | 4 - MEDIUM | 2017-01-18 | 2019-12-16 |
| CVE-2014-9636 json | unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field wit... | 5 - MEDIUM | 2015-02-06 | 2019-12-16 |
| CVE-2014-8141 json | Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute ... | 7.8 - HIGH | 2020-01-31 | 2023-02-13 |
| CVE-2014-8140 json | Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute... | 7.8 - HIGH | 2020-01-31 | 2023-02-13 |
| CVE-2014-8139 json | Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arb... | 7.8 - HIGH | 2020-01-31 | 2023-02-13 |
Known software with vulnerabilities from Unzip Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Unzip Project | Unzip | 5.51 |